Denial of Service in vorbis-tools
ID: | FEDORA-2015-1191 |
Distribution: | Fedora |
Plattformen: | Fedora 20 |
Datum: | Mi, 4. Februar 2015, 10:45 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9640 |
Applikationen: | vorbis-tools |
Originalnachricht |
|
Name : vorbis-tools Product : Fedora 20 Version : 1.4.0 Release : 13.fc20 URL : http://www.xiph.org/ Summary : The Vorbis General Audio Compression Codec tools Description : Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. The vorbis package contains an encoder, a decoder, a playback tool, and a comment editor. -------------------------------------------------------------------------------- Update Information: - do not use stack variable out of its scope of validity (CVE-2014-9640) -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 26 2015 Kamil Dudka |